DETAILED ACTION

Claims 1-37 have been examined. 

Information Disclosure Statement PTO-1449 

The Information Disclosure Statements submitted by applicant on 09/28/2004,
11/05/2003, 08/11/2003 and 04/08/2002 have been considered. Please see
attached PTO-1449.

Claim Objections 

1. Claim 4 is objected to because of the following informalities: There is no
definition or reference in claims 1 or 2 to a "cryptographic device". Therefore,
"cryptographic device" is an item introduced in claim 4. Using "a cryptographic
device" instead of "the cryptographic device" gives the broadest interpretation to
the claim, and is recommended. Appropriate correction is required.

Claim Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 
U.S.C. 102 that form the basis for the rejections under this section made in this 
Office action: 

A person shall be entitled to a patent unless - 
(e) the invention was described in a patent granted on an application for patent by another
filed in the United States before the invention thereof by the applicant for patent, or on an 
international application by another who has fulfilled the requirements of paragraphs (1), (2), 
and (4) of section 371 (c) of this title before the invention thereof by the applicant for patent. 

3. Claims 1 to 37 are rejected under 35 U.S.C. 102(e) as being anticipated 
by Whitehouse (US Patent No. 6,005,945). The reference is included and 
identified as prior art in application Information Disclosure Statement. 

3.1. As per claims 1 and 22, Whitehouse is directed to a system and method 
for providing public key infrastructure security (column 9 lines 32 to 35) in a wide 
area computer network (Fig. 4, column 7 lines 54 to 68) comprising: a user 
terminal (Fig. 4, user interface) coupled to the computer network (Fig. 4, as 
described in column 7 lines 54 to 68) including a client system (Fig. 4 item 104 
and PCs); a private key, and a public key assigned to a user when the user 
registers with the system using the user terminal (Fig. 4, column 7 lines 54 to 68); 
a database remote from the user terminal for securely storing the private key and 
the public key (column 8 lines 23 to 62); a server system remote from the user 
terminal (Fig. 4, item 102 secure central computer, as described in column 8
line 23) and coupled to the computer network (column 8 lines 63 to 65) including
a computer executable code for performing a cryptographic function as a user 
transaction data on behalf of the user (column 12 line 57 to column 13 line 55). 

3.2. As per claim 2, Whitehouse is directed to the system of claim 1, further
comprising a plurality of security device transaction data stored in the database,
wherein each security device transaction data is related to a respective user 
(column 10 line 45 to column 11 line 30). 



3.3. As per claim 3, Whitehouse is directed to the system of claim 1, wherein the
private key is encrypted when it is stored in the database (column 18 lines 50 to 
56). 



3.4. As per claim 4, Whitehouse is directed to the system of claim 2, wherein a
respective security device transaction data related to a user (Fig. 5A item 200, 
202, 204 and 206) is loaded into a cryptographic device (the process that 
decrypts the message requests and digital signatures, as described in column 12 
line 15 to column 13 line 15) when the user requests a service (Fig. 5A, item 
200). 



3.5. As per claim 5, Whitehouse is directed to the system of claim 1, wherein the
server system includes a cryptographic device to authenticate the identity of the 
user (column 12 lines 15 to 55) and verify that the identified user is authorized to 
assume a role and perform a corresponding operation. Whitehouse clearly 
specifies separate and distinguished operations (e.g. request for postal indicium, 
authentication key generation and distribution, user account maintenance and 
account balancing, indicium generation or validation, etc.) to be performed by 
separate entities. For example, a user can only perform a limited set of 
operations, such as requesting postal indicium, and plays no role in system
administration or management tasks such as key verification (performed by an
auditor, as described in column 18 line 14 to 40), crediting or debiting accounts
(performed by the secured central computer, column 12 line 65 to column 13 line 
15), authentication key generation or distribution (performed by Postal authorities 
or agents, as described in column 19 line 14 to 30) or Postal Indicium validation 
(column 20 line 55 to column 21 line 19). Therefore, the examiner asserts that it 
discloses the feature. 

3.6. As per claim 6, Whitehouse is directed to the system of claim 5, wherein the
assumed role is a security officer role to initiate a key management function (the 
key management function is performed by the postal authority computer as 
described in column 20 line 16 to 40). 

3.7. As per claim 7, Whitehouse is directed to the system of claim 5, wherein the
assumed role is an administrator role to manage a user access control database 
(the management of user database is performed within the secure central 
computer, where it stores and protects user data as described in column 10 line 
45 to column 11 line 12). 

3.8. As per claim 8, Whitehouse is directed to the system of claim 5, wherein the
assumed role is a provider role to withdraw from a user account (the central 
computer performs the role of user account withdrawal as described in column 
12 line 65 to column 13 line 15).

3.9. As per claim 9, Whitehouse is directed to the system of claim 5, wherein the
assumed role is a user role to operate on a value bearing item (the user role is 
performed by the user computer, requesting indicium, as described in Fig. 5A 
item 200). 

3.10. As per claim 10, Whitehouse is directed to the system of claim 5, wherein the
assumed role is a certificate authority role to allow a public key certificate to be 
loaded and verified (column 18, line 14 to 40). 

3.11. As per claim 11, Whitehouse is directed to the system of claim 5, wherein the
cryptographic device (part of the secured central computer) includes a computer 
executable code for supporting multiple concurrent users and maintaining a 
separation of roles and operations performed by each user (column 20 line 55 to 
column 23 line 18). 

3.12. As per claim 12, Whitehouse is directed to the system of claim 5, wherein the
cryptographic device stores information about a number of last transactions in a 
respective internal register (disclosed by the transaction log, column 9 lines 12 to 
31). 



3.13. As per claim 13, Whitehouse is directed to the system of claim 12, wherein
the database stores a table including the respective information about a last
transaction (column 9 line 12 to 31), a verification module to compare the 
information saved in the device with the information saved in the database 
(column 20 line 52 to column 23 line 19). 

3.14. As per claim 14, Whitehouse is directed to the system of claim 1, further
comprising a digital certificate stored in the database and assigned to a user 
when the user registers with the system (column 16 line 18 to column 17 line 35). 

3.15. As per claim 15, Whitehouse is directed to the system of claim 1, wherein the
cryptographic function is digitally signing a certificate (column 10 line 45 to 
column 11 line 30). 

3.16. As per claim 16, Whitehouse is directed to the system of claim 1, wherein the
cryptographic function is encrypting data (claim 1). 

3.17. As per claim 17, Whitehouse is directed to the system of claim 1, wherein the
cryptographic function is decrypting data (claim 1). 

3.18. As per claim 18, Whitehouse is directed to the system of claim 1, wherein the
database includes a user profile for the user (column 10 line 45 to column 11 line
10).

3.19. As per claim 19, Whitehouse is directed to the system of claim 18, wherein
the user profile includes username, password, account expiration, user role, 
logon failure count, logon failure limit, logon time-out limit, password expiration, 
and password period (column 10 line 45 to column 11 line 15). 

3.20. As per claim 20, Whitehouse is directed to the system of claim 5, wherein the
cryptographic device is capable of performing one or more of Rivest, Shamir and 
Adleman (RSA) public key encryption (clearly disclosed in column 16 line 39 to 
45), DES (clearly disclosed in column 23 line 49 to 59), Triple-DES, DSA 
signature, SHA-1, and Pseudo-random number generation algorithms (which are 
comparable encryption algorithms to RSA (column 16 line 41) and obvious 
choices to a person skilled in the art to use as alternative methods of encryption). 

3.21. As per claim 21, Whitehouse is directed to the system of claim 5, wherein the
cryptographic device stores information about a number of last transactions in an 
internal register (current piece count, column 10 line 64) and compares the 
information saved in the register with the information saved in a memory before 
loading a new transaction data (column 20 line 52 to column 22 line 51). 

3.22. As per claim 23, Whitehouse is directed to the method of claim 22, further 
comprising the step of storing a digital certificate and assigning the stored digital 
certificate to a user when the user registers with the system (column 16 line 18 to 
column 17 line 35). 



Application/Control Number: 10/083,236
Art Unit: 2132

3.23. As per claim 24, Whitehouse is directed to the method of claim 22, further 
comprising the step of storing a plurality of security device transaction data in the 
database, wherein each transaction data is related to one of a plurality of users 
(column 10 line 45 to column 11 line 30). 

3.24. As per claim 25, Whitehouse is directed to the method of claim 24, further
comprising the step of loading a security device transaction data related to a user 
(Fig. 5A item 200, 202, 204 and 206) into one of the one or more of cryptographic 
devices (the process that decrypts the message requests and digital signatures, 
as described in column 12 line 15 to column 13 line 15) when the user requests 
to operate on a value bearing item (Fig. 5A, item 200). 

3.25. As per claim 26, Whitehouse is directed to the method of claim 25, further
comprising the step of verifying that the requesting user is authorized to assume 
a role and to perform a corresponding operation. Whitehouse clearly specifies 
separate and distinguished operations (e.g. request for postal indicium, 
authentication key generation and distribution, user account maintenance and 
account balancing, indicium generation or validation, etc.) to be performed by 
separate entities. For example, a user can only perform a limited set of 
operations, such as requesting postal indicium, and plays no role in system
administration or management tasks such as key verification (performed by an
auditor, as described in column 18 line 14 to 40), crediting or debiting accounts
(performed by the secured central computer, column 12 line 65 to column 13 line
15), authentication key generation or distribution (performed by Postal authorities 
or agents, as described in column 19 line 14 to 30) or Postal Indicium validation 
(column 20 line 55 to column 21 line 19). Therefore, the examiner asserts that it 
discloses the feature. 

3.26. As per claim 27, Whitehouse is directed to the method of claim 26, wherein
the assumed role is an administrator role to manage a user access control (the 
management of user database is performed within the secure central computer, 
where it stores and protects user data as described in column 10 line 45 to 
column 11 line 12). 

3.27. As per claim 28, Whitehouse is directed to the method of claim 26, wherein
the assumed role is a user role to perform expected IBIP postal meter operations 
(column 25 line 45 to column 26 line 10). 

3.28. As per claim 29, Whitehouse is directed to the method of claim 26, wherein
the assumed role is a certificate authority role to allow a public key certificate to 
be loaded and verified (column 18, line 14 to 40). 

3.29. As per claim 30, Whitehouse is directed to the method of claim 26, further
comprising the steps of supporting multiple concurrent operators and maintaining
a separation of roles and operations performed by each operator (column 20 line
55 to column 23 line 18). 

3.30. As per claim 31, Whitehouse is directed to the method of claim 22, further
comprising the steps of: storing information about a number of last transactions 
in a respective internal register of each of the one or more cryptographic devices; 
storing a table including the information about a last transaction in the database 
(column 9 line 12 to 31); comparing the information saved in the respective 
device with the respective information saved in the database; and loading a new 
transaction data if the respective information stored in the device compares with 
the respective information stored in the database (column 20 line 52 to column 
23 line 19). 

3.31. As per claim 32, Whitehouse is directed to the method of claim 22, wherein
the cryptographic function is digitally signing a certificate (column 10 line 45 to 
column 11 line 30). 

3.32. As per claim 33, Whitehouse is directed to the method of claim 22, wherein
the cryptographic function is encrypting data (claim 1). 

3.33. As per claim 34, Whitehouse is directed to the method of claim 22, wherein
the cryptographic function is decrypting data (claim 1).

3.34. As per claim 35, Whitehouse is directed to the method of claim 22, further
comprising the step of storing a user profile for a plurality of users (column 10
line 45 to column 11 line 10).

3.35. As per claim 36, Whitehouse is directed to the method of claim 35, wherein
the user profile includes username, user role, password, logon failure count, 
logon failure limit, logon time-out limit, account expiration, password expiration, 
and password period (column 10 line 45 to column 11 line 15). 

3.36. As per claim 37, Whitehouse is directed to the method of claim 22, wherein
the cryptographic function is one or more of Rivest, Shamir and Adleman (RSA) 
public key encryption (clearly disclosed in column 16 line 39 to 45), DES (clearly 
disclosed in column 23 line 49 to 59), Triple-DES, DSA signature, SHA-1, and 
Pseudo-random number generation algorithms (which are comparable encryption 
algorithms to RSA (column 16 line 41) and obvious choices to a person skilled in 
the art to use as alternative methods of encryption). 

Conclusion 

Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Farid Homayounmehr whose telephone 
number is 571 272 3739. The examiner can normally be reached on 9 hrs Mon-Fri,
off Monday biweekly.

If attempts to reach the examiner by telephone are unsuccessful, the
examiner's supervisor, Gilberto Barron, can be reached on (571) 272-3799. The
fax phone number for the organization where this application or proceeding is 
assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR 
only. For more information about the PAIR system, see
http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).

Farid Homayounmehr 